reiserfs: Initialize sec->length in reiserfs_security_init().

syzbot is reporting that sec->length is not initialized. Since security_inode_init_security() returns 0 when initxattrs is provided but call_int_hook(inode_init_security) returned -EOPNOTSUPP, control will reach to "if (sec->length && ...) {" without initializing sec->length. Reported-by: syzbot <syzbot+00a3779539a23cbee38c@syzkaller.appspotmail.com> Closes: https://syzkaller.appspot.com/bug?extid=00a3779539a23cbee38cSigned-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Fixes: 52ca4b64 ("reiserfs: Switch to security_inode_init_security()") Signed-off-by: Paul Moore <paul@paul-moore.com>

reiserfs: Initialize sec->length in reiserfs_security_init().
syzbot is reporting that sec->length is not initialized. Since security_inode_init_security() returns 0 when initxattrs is provided but call_int_hook(inode_init_security) returned -EOPNOTSUPP, control will reach to "if (sec->length && ...) {" without initializing sec->length. Reported-by: syzbot <syzbot+00a3779539a23cbee38c@syzkaller.appspotmail.com> Closes: https://syzkaller.appspot.com/bug?extid=00a3779539a23cbee38cSigned-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Fixes: 52ca4b64 ("reiserfs: Switch to security_inode_init_security()") Signed-off-by: Paul Moore <paul@paul-moore.com>
d031f4e8 · Tetsuo Handa · Paul Moore · a495108e · d031f4e8
Commit d031f4e8 authored May 11, 2023 by Tetsuo Handa Committed by Paul Moore May 25, 2023
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 0 deletions

fs/reiserfs/xattr_security.c fs/reiserfs/xattr_security.c +1 -0

No files found.
--- a/fs/reiserfs/xattr_security.c
+++ b/fs/reiserfs/xattr_security.c
@@ -67,6 +67,7 @@ int reiserfs_security_init(struct inode *dir, struct inode *inode,

 	sec->name = NULL;
 	sec->value = NULL;
+	sec->length = 0;

 	/* Don't add selinux attributes on xattrs - they'll never get used */
 	if (IS_PRIVATE(dir))